GHSA-pj33-75x5-32j4: RabbitMQ HTTP API's queue deletion endpoint does not verify that the user has a required permission

GHSA-jjxq-ff2g-95vh: Twig has unguarded calls to `__isset()` and to array-accesses when the sandbox is enabled

GHSA-6377-hfv9-hqf6: Twig has unguarded calls to `__toString()` when nesting an object into an array

GHSA-hv6m-qj65-26q3: UnoPim Cross-site Scripting vulnerability

GHSA-rhm9-gp5p-5248: Gradio vulnerable to arbitrary file read with File and UploadButton components

xaviershay-dm-rails Gem for Ruby contains a flaw in the `execute()` function in `/datamapper/dm-rails/blob/master/lib/dm-rails/storage.rb`. The issue is due to the function exposing sensitive information via the process table. This may allow a local attack to gain access to MySQL credential information.


**xaviershay-dm-rails Gem for Ruby exposes sensitive information via the process table**

Moderate severity GitHub Reviewed Published Jan 26, 2023 to the GitHub Advisory Database

Headline

GHSA-88p8-4vv5-82j7: xaviershay-dm-rails Gem for Ruby exposes sensitive information via the process table

ghsa: Latest News